<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html lang="en-US">
 <head>
      <link href="https://dev.horde.org/h/static/fa7bf3a095af0222.css" rel="stylesheet" type="text/css" />  <link type="image/x-icon" href="/h/jonah/themes/default/graphics/favicon.ico" rel="shortcut icon" />  <link rel="alternate" type="application/rss+xml" href="https://dev.horde.org/h/jonah/delivery/rss.php?channel_id=1" title="RSS 0.91" />  <title>News</title>
 </head>

 <body>
<div id="horde-head">
  <div id="horde-logo"><a class="icon" href="/h/services/portal/"></a></div>
  <div id="horde-version">6.0.0-git</div>
  <div id="horde-navigation">
    <div class="horde-navipoint">
      <div class="horde-point-left"></div>
      <ul class="horde-dropdown">
        <li>
          <div class="horde-point-center">
            <a class="horde-mainnavi" href="https://tasks.horde.org/">
              <span class="horde-point-arrow">&#9662;</span>
              Tasks            </a>
          </div>
        <ul>
          <li>
            <div class="horde-drowdown-str"><a class="horde-mainnavi" href="https://tasks.horde.org/task.php?actionID=add_task">New Task</a></div>
          </li>
          <li>
            <div class="horde-drowdown-str"><a class="horde-mainnavi" href="https://tasks.horde.org/search.php">Search</a></div>
          </li>
        </ul>
        </li>
      </ul>
      <div class="horde-point-right"></div>
    </div>
    <div class="horde-navipoint">
      <div class="horde-point-left"></div>
      <ul class="horde-dropdown">
        <li>
          <div class="horde-point-center">
            <a class="horde-mainnavi" href="/h/ansel/">
              Photos            </a>
          </div>
        </li>
      </ul>
      <div class="horde-point-right"></div>
    </div>
    <div class="horde-navipoint">
      <div class="horde-point-left"></div>
      <ul class="horde-dropdown">
        <li>
          <div class="horde-point-center">
            <a class="horde-mainnavi" href="https://wiki.horde.org/">
              Wiki            </a>
          </div>
        </li>
      </ul>
      <div class="horde-point-right"></div>
    </div>
    <div class="horde-navipoint">
      <div class="horde-point-left"></div>
      <ul class="horde-dropdown">
        <li>
          <div class="horde-point-center">
            <a class="horde-mainnavi" href="https://bugs.horde.org/">
              <span class="horde-point-arrow">&#9662;</span>
              Tickets            </a>
          </div>
        <ul>
          <li>
            <div class="horde-drowdown-str"><a class="horde-mainnavi" href="https://bugs.horde.org/ticket/create.php">New Ticket</a></div>
          </li>
          <li>
            <div class="horde-drowdown-str"><a class="horde-mainnavi" href="https://bugs.horde.org/search.php">Search</a></div>
          </li>
        </ul>
        </li>
      </ul>
      <div class="horde-point-right"></div>
    </div>
    <div class="horde-navipoint">
      <div class="horde-point-left"></div>
      <ul class="horde-dropdown">
        <li>
          <div class="horde-settings horde-icon-settings">
            <a class="horde-mainnavi" href="#">
                          </a>
          </div>
        <ul>
          <li>
            <div class="horde-drowdown-str"><a class="horde-mainnavi" href="javascript:void(HordeCore.Growler.toggleLog());">Toggle Alerts Log</a></div>
          </li>
          <li>
            <div class="horde-drowdown-str"><a class="horde-mainnavi" href="/h/services/help/?module=jonah" target="help" onclick="void(HordePopup.popup('%7B%22url%22%3A%22%5C%2Fh%5C%2Fservices%5C%2Fhelp%5C%2F%22%2C%22params%22%3A%7B%22module%22%3A%22jonah%22%7D%7D'));return false;">Help</a></div>
          </li>
        </ul>
        </li>
      </ul>
      <div class="horde-point-right"></div>
    </div>
  </div>
  <div id="horde-login"><a class="icon" title="Log in" href="/h/login.php?url=https%3A%2F%2Fdev.horde.org%2Fh%2Fjonah%2Fstories%2Fview.php%3Fchannel_id%3D1%26id%3D155%26_t%3D1640305912%26_h%3DEMT1NudMHoE4QUr437tpAXStkHs"></a></div>
</div>
<div id="horde-sub">
  <div id="horde-date">2021-12-24</div>
  <div id="horde-info"></div>
</div>
<div id="horde-body">
<div id="horde-contentwrapper">
<div id="horde-content" style="margin-left:210px">
<div style="float:right;"><div class="tagSelector"><div class="tagcloud">
<a style="font-size:20px" class="earliest" href="/h/jonah/stories/results.php?tag=ansel&amp;channel_id=1">ansel</a>
<a style="font-size:13px" class="earliest" href="/h/jonah/stories/results.php?tag=dimp&amp;channel_id=1">dimp</a>
<a style="font-size:20px" class="earliest" href="/h/jonah/stories/results.php?tag=gollem&amp;channel_id=1">gollem</a>
<a style="font-size:29px" class="earliest" href="/h/jonah/stories/results.php?tag=groupware&amp;channel_id=1">groupware</a>
<a style="font-size:34px" class="earliest" href="/h/jonah/stories/results.php?tag=horde&amp;channel_id=1">horde</a>
<a style="font-size:36px" class="earliest" href="/h/jonah/stories/results.php?tag=imp&amp;channel_id=1">imp</a>
<a style="font-size:30px" class="earliest" href="/h/jonah/stories/results.php?tag=ingo&amp;channel_id=1">ingo</a>
<a style="font-size:33px" class="earliest" href="/h/jonah/stories/results.php?tag=kronolith&amp;channel_id=1">kronolith</a>
<a style="font-size:12px" class="earliest" href="/h/jonah/stories/results.php?tag=mimp&amp;channel_id=1">mimp</a>
<a style="font-size:27px" class="earliest" href="/h/jonah/stories/results.php?tag=mnemo&amp;channel_id=1">mnemo</a>
<a style="font-size:30px" class="earliest" href="/h/jonah/stories/results.php?tag=nag&amp;channel_id=1">nag</a>
<a style="font-size:18px" class="earliest" href="/h/jonah/stories/results.php?tag=passwd&amp;channel_id=1">passwd</a>
<a style="font-size:14px" class="earliest" href="/h/jonah/stories/results.php?tag=sesha&amp;channel_id=1">sesha</a>
<a style="font-size:18px" class="earliest" href="/h/jonah/stories/results.php?tag=trean&amp;channel_id=1">trean</a>
<a style="font-size:32px" class="earliest" href="/h/jonah/stories/results.php?tag=turba&amp;channel_id=1">turba</a>
<a style="font-size:29px" class="earliest" href="/h/jonah/stories/results.php?tag=webmail&amp;channel_id=1">webmail</a>
<a style="font-size:20px" class="earliest" href="/h/jonah/stories/results.php?tag=whups&amp;channel_id=1">whups</a>
<a style="font-size:20px" class="earliest" href="/h/jonah/stories/results.php?tag=wicked&amp;channel_id=1">wicked</a>
</div>
</div></div><div style="margin-right:170px;">
  <h1 class="header"><span class="storyDate">2012-02-13</span>[SECURITY] Remote execution backdoor after server hack</h1><div class="storyTags">Tags:</div><div class="storySubtitle">A few days ago we became aware of a manipulated file on our FTP server. Upon further investigation we discovered that the server has been hacked earlier, and three releases have been manipulated to allow unauthenticated remote PHP execution.</div><div class="storyBody">We have immediately taken down all distribution servers to further analyze the extent of this incident, and we have worked closely with various Linux distributions to coordinate our response.<br />
Since then the FTP and PEAR servers have been replaced and further secured. Clean versions of our releases have been uploaded.<br />
<br />
This issue will be tracked as CVE-2012-0209: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0209" target="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0209</a><br />
<br />
We have been able to limit the manipulation to three files downloaded during a certain timeframe. The affected releases are:<br />
- Horde 3.3.12 downloaded between November 15 and February 7<br />
- Horde Groupware 1.2.10 downloaded between November 9 and February 7<br />
- Horde Groupware Webmail Edition 1.2.10 downloaded between November 2 and February 7<br />
<br />
No other releases have been affected. Specifically, no Horde 4 releases were compromised. Our CVS and Git repositories are not affected either. Linux distributions that are affected will notify and provide security releases individually.<br />
<br />
If you are not sure whether you are affected or want to verify manually whether you are affected, you can search for this signature in your Horde directory tree:<br />
<br />
$m[1]($m[2])<br />
<br />
We recommend that all users of the affected version immediately re-install using fresh copies downloaded from our FTP server, or to upgrade to the more recent versions that have been released since then. This is a list of suggested replacements and their MD5 checksums:<br />
<br />
bc04ce4499af24a403429c81d0a8afcf <a href="ftp://ftp.horde.org/pub/horde/horde-3.3.12.tar.gz" target="_blank">ftp://ftp.horde.org/pub/horde/horde-3.3.12.tar.gz</a><br />
5a0486a5f6f96a9957e770ddabe71b38 <a href="ftp://ftp.horde.org/pub/horde/horde-3.3.13.tar.gz" target="_blank">ftp://ftp.horde.org/pub/horde/horde-3.3.13.tar.gz</a><br />
4bdab16c84513bbd9466cb0dc7464661 <a href="ftp://ftp.horde.org/pub/horde-groupware/horde-groupware-1.2.10.tar.gz" target="_blank">ftp://ftp.horde.org/pub/horde-groupware/horde-groupware-1.2.10.tar.gz</a><br />
fed921b55a8f544fba806333502cd45d <a href="ftp://ftp.horde.org/pub/horde-groupware/horde-groupware-1.2.11.tar.gz" target="_blank">ftp://ftp.horde.org/pub/horde-groupware/horde-groupware-1.2.11.tar.gz</a><br />
60e100c3e4ab59c01d30bf5eb813a182 <a href="ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-1.2.10.tar.gz" target="_blank">ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-1.2.10.tar.gz</a><br />
6f735266449bfda2cce8b5067b16ff74 <a href="ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-1.2.11.tar.gz" target="_blank">ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-1.2.11.tar.gz</a><br />
<br />
If you are running Horde 4, you don't need to do anything.<br />
<br />
We apologize for the inconvenience and assure you that we are undertaking a full security review of our procedures to prevent this kind of incident from happening again.<br />
<br />
If you have further questions, please ask on the Horde mailing list: <a href="http://www.horde.org/community/mail" target="_blank">http://www.horde.org/community/mail</a></div>  <div class="storyLinks"></div></div>
</div>
</div>

<div id="horde-sidebar" style="width:210px">



</div>

<div id="horde-slideleft" class="horde-splitbar-vert" style="left:210px">
  <div id="horde-slideleftcursor" class="horde-splitbar-vert-handle"></div>
</div>
</div>
  <script type="text/javascript" src="/h/js/prototype.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/horde.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/syntaxhighlighter/scripts/shCore.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/syntaxhighlighter/scripts/shAutoloader.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/accesskeys.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/popup.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/date/en-US.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/date/date.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/topbar.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script><script type="text/javascript" src="/h/js/sidebar.js?v=830f6bf3f2f6286088a4dc87175cd80e"></script>  <script type="text/javascript">//<![CDATA[
document.observe("dom:loaded",function(){SyntaxHighlighter.autoloader(
          'applescript            /h/js/syntaxhighlighter/scripts/shBrushAppleScript.js',
          'actionscript3 as3      /h/js/syntaxhighlighter/scripts/shBrushAS3.js',
          'bash shell             /h/js/syntaxhighlighter/scripts/shBrushBash.js',
          'coldfusion cf          /h/js/syntaxhighlighter/scripts/shBrushColdFusion.js',
          'cpp c                  /h/js/syntaxhighlighter/scripts/shBrushCpp.js',
          'c# c-sharp csharp      /h/js/syntaxhighlighter/scripts/shBrushCSharp.js',
          'css                    /h/js/syntaxhighlighter/scripts/shBrushCss.js',
          'delphi pascal          /h/js/syntaxhighlighter/scripts/shBrushDelphi.js',
          'diff patch pas         /h/js/syntaxhighlighter/scripts/shBrushDiff.js',
          'erl erlang             /h/js/syntaxhighlighter/scripts/shBrushErlang.js',
          'groovy                 /h/js/syntaxhighlighter/scripts/shBrushGroovy.js',
          'java                   /h/js/syntaxhighlighter/scripts/shBrushJava.js',
          'jfx javafx             /h/js/syntaxhighlighter/scripts/shBrushJavaFX.js',
          'js jscript javascript  /h/js/syntaxhighlighter/scripts/shBrushJScript.js',
          'perl pl                /h/js/syntaxhighlighter/scripts/shBrushPerl.js',
          'php                    /h/js/syntaxhighlighter/scripts/shBrushPhp.js',
          'text plain             /h/js/syntaxhighlighter/scripts/shBrushPlain.js',
          'py python              /h/js/syntaxhighlighter/scripts/shBrushPython.js',
          'ruby rails ror rb      /h/js/syntaxhighlighter/scripts/shBrushRuby.js',
          'sass scss              /h/js/syntaxhighlighter/scripts/shBrushSass.js',
          'scala                  /h/js/syntaxhighlighter/scripts/shBrushScala.js',
          'sql                    /h/js/syntaxhighlighter/scripts/shBrushSql.js',
          'vb vbnet               /h/js/syntaxhighlighter/scripts/shBrushVb.js',
          'xml xhtml xslt html    /h/js/syntaxhighlighter/scripts/shBrushXml.js'
        );;SyntaxHighlighter.defaults['toolbar'] = false;SyntaxHighlighter.all();});HordeTopbar.conf={"URI_AJAX":"\/h\/services\/ajax.php\/horde\/","app":"jonah","format":"yyyy-MM-dd","hash":"3649a0f5b1d3bde27519cfc95824fc8e","refresh":300};HordeSidebar.text={"collapse":"Collapse","expand":"Expand"};HordeSidebar.opts={"cookieDomain":".horde.org","cookiePath":"\/"};HordePopup.popup_block_text="A popup window could not be opened. Your browser may be blocking popups.";
//]]></script>
   </body>
</html>
